/*
 * FileName: LoginInterceptor.java
 *
 *  
 */
package com.mrc.core.utils;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/**
 * <p>
 * Description: 登陆拦截器
 * </p>
 *
 * @author Mrc
 * @version 4.1

 * <p>
 * History: 
 *
 * Date                     Author         Version     Description
 * ---------------------------------------------------------------------------------
 * 2016-11-19 上午11:35:51          Mrc        4.1         To create
 * </p>
 *
 * @since 
 * @see     
 */
public class LoginInterceptor extends HandlerInterceptorAdapter {
    //    private static final String[] IGNORE_URI = { "/login.jsp", "/Login/", "backui/", "frontui/" };

    private List<String> excludedUrls;

    public void setExcludedUrls(List<String> excludedUrls) {
        this.excludedUrls = excludedUrls;
    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String requestUri = request.getRequestURI();
        //当前路径在xml中配置的例外，直接访问，不需要登录
        for (String url : excludedUrls) {
            if (requestUri.endsWith(url)) {
                return true;
            }
        }

        //intercept  如果当前窗口中的session有用户登录了。user中就会有内容。如果有内容，返回成功，不用再登录
        HttpSession session = request.getSession();
        if (session.getAttribute("user") == null) {
            throw new AuthorizationException();
        } else {
            return true;
        }

    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        super.postHandle(request, response, handler, modelAndView);
    }
}
